CVE-2026-27578

creationtimestamp| type| source ---|---|--- 2026-02-26 01:13:15+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mfpzdmgmkb2u 2026-02-26 05:10:19+00:00| seen| https://gist.github.com/alon710/0d80cde6bd8b242b554f8f77bc43b2c0 2026-02-26 11:50:14+00:00| seen|...

CVE-2026-27578 n8n Vulnerable to Stored XSS via Various Nodes

n8n is an open source workflow automation platform. Prior to versions 2.10.1, 2.9.3, and 1.123.22, an authenticated user with permission to create or modify workflows could inject arbitrary scripts into pages rendered by the n8n application using different techniques on various nodes Form Trigger...

@regis-samurai/n8n (>=0.216.1 <=0.219.1), n8n-nodes-accelo (>=0.1.0 <=0.1.9) +11 more potentially affected by CVE-2026-27578 via n8n (>=0.138.0 <=0.93.0)

n8n NPM version =0.138.0, =0.216.1, =0.1.0, =0.18.0, =0.1.0, =0.1.0, =0.2.14, =0.1.0, =0.1.0, =0.0.2, =0.0.2, =1.1.3 Source cves: CVE-2026-27578 Source advisory: OSV:GHSA-2P9H-RQJW-GM92...

CVE-2025-27578

Pixmeo OsiriX MD is vulnerable to a use after free scenario, which could allow an attacker to upload a crafted DICOM file and cause memory corruption leading to a denial-of-service condition...

CVE-2025-27578 Pixmeo OsiriX MD Use After Free

Pixmeo OsiriX MD is vulnerable to a use after free scenario, which could allow an attacker to upload a crafted DICOM file and cause memory corruption leading to a denial-of-service condition...

CVE-2023-27578

creationtimestamp| type| source ---|---|--- 2023-03-21 05:30:10+00:00| seen| https://t.me/cibsecurity/60354...

CVE-2023-27578

Galaxy is an open-source platform for data analysis. All supported versions of Galaxy are affected prior to 22.01, 22.05, and 23.0 are affected by an insufficient permission check. Unsupported versions are likely affected as far back as the functionality of Visualizations/Pages exists. Due to thi...

CVE-2023-27578 Galaxy vulnerable to unauthorized modification of pages/visualizations due to insufficient permission check

Galaxy is an open-source platform for data analysis. All supported versions of Galaxy are affected prior to 22.01, 22.05, and 23.0 are affected by an insufficient permission check. Unsupported versions are likely affected as far back as the functionality of Visualizations/Pages exists. Due to thi...

CVE-2023-27578 Galaxy vulnerable to unauthorized modification of pages/visualizations due to insufficient permission check

Galaxy is an open-source platform for data analysis. All supported versions of Galaxy are affected prior to 22.01, 22.05, and 23.0 are affected by an insufficient permission check. Unsupported versions are likely affected as far back as the functionality of Visualizations/Pages exists. Due to thi...

CVE-2023-27578

CVE-2023-27578 affects the Galaxy open-source data-analysis platform. The root cause is an insufficient permission check, allowing an attacker to modify or delete any Galaxy Visualization or Galaxy Page, or copy/import a Visualization, if they know the encoded ID. Affected versions include all su...

CVE-2022-27578

creationtimestamp| type| source ---|---|--- 2022-04-12 00:31:23+00:00| seen| https://t.me/cibsecurity/40569...

CVE-2022-27578

An attacker can perform a privilege escalation through the SICK OEE if the application is installed in a directory where non authenticated or low privilege users can modify its content...

CVE-2022-27578

An attacker can perform a privilege escalation through the SICK OEE if the application is installed in a directory where non authenticated or low privilege users can modify its content...

CVE-2022-27578

CVE-2022-27578 affects SICK OEE. A privilege escalation is possible when the OEE application is installed in a directory that non-authenticated or low-privilege users can modify. Root cause: write-access to application content enables elevation. Impact: local privilege escalation with high/confid...

CVE-2021-27578

Cross Site Scripting vulnerability in markdown interpreter of Apache Zeppelin allows an attacker to inject malicious scripts. This issue affects Apache Zeppelin Apache Zeppelin versions prior to 0.9.0...

CVE-2021-27578

CVE-2021-27578 is a Cross Site Scripting vulnerability in the Markdown interpreter of Apache Zeppelin. Affected product: Apache Zeppelin (web-based notebook). Affected version: prior to 0.9.0. Root cause: XSS in the markdown interpreter that allows an attacker to inject malicious scripts. Impact:...

CVE-2021-27578 Cross Site Scripting in markdown interpreter

Cross Site Scripting vulnerability in markdown interpreter of Apache Zeppelin allows an attacker to inject malicious scripts. This issue affects Apache Zeppelin Apache Zeppelin versions prior to 0.9.0...